<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>CSRF攻击页面</title>
</head>
<body>
	<form action="/csrf-defend/userAdd" method="post">
	用户名：<input type="text" name="userNo">
	密    码：<input type="text" name="password">
	<input type="submit">
</form>
</body>
</html>